VirusShare_74a7c701f8df76070ac4df651ffcb03b

Sharing

Copy URL Twitter E-mail

General

Target

VirusShare_74a7c701f8df76070ac4df651ffcb03b
Size

366KB
MD5

74a7c701f8df76070ac4df651ffcb03b
SHA1

362a7ad393c1ee28079534a5f407b4aa79263ac5
SHA256

38edf6a104ed3779488b8be0e68b26a7c8adb848b1b458df5cb7887e4ce91ba1
SHA512

46b36be3d63055813e5a891d5e5e1dedd58d09ef71bd7eeb692430b7270218325d45b84454af26fbd5c86d96c7f2af6a09369b5f7c6fe60d17ced48f10cb7cfb
SSDEEP

6144:/6MvqOPk0xsPtERtGl+3IIfx4zD+n+2ZtZiOZdTU+KgkIMO7W1263fEG63v:/6MrPl+tC7fqGtZ7fU+1/0b3bw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VirusShare_74a7c701f8df76070ac4df651ffcb03b

Files

VirusShare_74a7c701f8df76070ac4df651ffcb03b
.exe windows:4 windows x86 arch:x86

0cfeba57fa325530cfcac756f810f07b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AllocateAndInitializeSid
RegCreateKeyA
RegEnumKeyA
QueryServiceConfig2A
EnumDependentServicesW
GetOldestEventLogRecord
MapGenericMask
ReadEventLogW
PrivilegedServiceAuditAlarmW
BuildImpersonateTrusteeA
LockServiceDatabase
RegEnumValueW
RegDeleteValueA
MakeSelfRelativeSD
GetKernelObjectSecurity
SetSecurityDescriptorGroup
SetThreadToken
IsValidSid
GetServiceDisplayNameW
DeregisterEventSource
CreateServiceA
RegEnumKeyExW
LsaOpenPolicy
GetSecurityDescriptorSacl
RegReplaceKeyA
EqualPrefixSid
ReportEventA
AbortSystemShutdownW
GetPrivateObjectSecurity
SetKernelObjectSecurity
AccessCheckAndAuditAlarmA
QueryServiceObjectSecurity
RegSetKeySecurity
GetSecurityDescriptorGroup
SetSecurityInfo
OpenBackupEventLogA
AdjustTokenPrivileges
RegCreateKeyExA
LsaLookupNames
RegSetValueW
OpenEventLogA
ControlService
BuildTrusteeWithSidA
FreeSid
LsaQueryTrustedDomainInfo
RegOpenKeyA
GetAce
GetServiceKeyNameA
SetEntriesInAclA
LookupAccountNameA
StartServiceA
GetLengthSid
RegSaveKeyA
GetUserNameW
GetExplicitEntriesFromAclW
GetSidIdentifierAuthority
LsaAddAccountRights
RegDeleteValueW
LsaEnumerateAccountRights
ObjectCloseAuditAlarmW
RegCreateKeyW
RegOpenKeyExA
MakeAbsoluteSD
AdjustTokenGroups
GetNamedSecurityInfoW
GetSidSubAuthorityCount
GetTokenInformation
RegQueryInfoKeyW
SetSecurityDescriptorSacl
LsaNtStatusToWinError
QueryServiceLockStatusW
EqualSid
InitializeSecurityDescriptor
BackupEventLogW
RegQueryValueA
CreatePrivateObjectSecurity
RegOpenKeyW
NotifyChangeEventLog
CopySid
LsaEnumerateAccountsWithUserRight
AccessCheck
RegCreateKeyExW
LookupPrivilegeDisplayNameW
GetNumberOfEventLogRecords
LsaClose
OpenBackupEventLogW
EnumServicesStatusA
OpenServiceA
RegisterEventSourceA
RegNotifyChangeKeyValue
RegSetValueA
RevertToSelf
GetSidSubAuthority
ObjectDeleteAuditAlarmW
RegQueryValueW
RegSetValueExW
ChangeServiceConfigW
GetTrusteeFormA
RegOpenKeyExW
RegRestoreKeyW
ImpersonateSelf
AddAce
IsValidAcl
UnlockServiceDatabase
QueryServiceLockStatusA
GetSecurityInfo
RegDeleteKeyA
RegUnLoadKeyW
LsaCreateTrustedDomainEx
BuildSecurityDescriptorW
QueryServiceConfig2W
RegisterEventSourceW
RegCloseKey
GetSecurityDescriptorOwner
BuildTrusteeWithNameW
LookupPrivilegeValueA
GetFileSecurityW
GetAclInformation
CloseServiceHandle
RegGetKeySecurity
AddAccessAllowedAce
RegQueryValueExW
BackupEventLogA
OpenServiceW
RegReplaceKeyW
LsaDeleteTrustedDomain
DeleteService
BuildExplicitAccessWithNameW
StartServiceCtrlDispatcherW
LsaSetInformationPolicy
RegOverridePredefKey
LsaEnumerateTrustedDomains
LogonUserA
CloseEventLog

kernel32

CopyFileA
CreateFileMappingA
GetLogicalDriveStringsA
GetProfileSectionA
GetModuleHandleA
GetStartupInfoA

msvcrt

__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
_acmdln
_XcptFilter
_except_handler3
_controlfp
__p__fmode
exit
_exit
__set_app_type

lz32

LZRead

user32

EqualRect
EnumDesktopsA

rasapi32

RasGetProjectionInfoA

Sections

.text
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0cfeba57fa325530cfcac756f810f07b

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

lz32

user32

rasapi32

Sections

.text Size: 108KB - Virtual size: 105KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 4.3MB

.rsrc Size: 36KB - Virtual size: 34KB

.reloc Size: 16KB - Virtual size: 13KB

.text
Size: 108KB - Virtual size: 105KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 4.3MB

.rsrc
Size: 36KB - Virtual size: 34KB

.reloc
Size: 16KB - Virtual size: 13KB